26 to 50 of 225 Incident Response Jobs in the UK excluding London

Security Drive the secure design and operation of critical technology platforms collaborating with platform owners and engineering teams to embed security throughout the lifecycle Incident Response Threat Management Provide technical oversight for incident response threat detection and vulnerability management Lead root cause analysis and remediation ...

ideal candidate is a “leader‐doer” who can manage the security of complex environment while remaining sharp enough to deep‐dive into an incident response bridge or a cloud architecture review. Duties and Responsibilities Detection Strategy : Build and maintain a world‐class Threat Intelligence program to pivot from … reactive to proactive defense. IR Leadership : Serve as the ultimate escalation point for high‐priority security incidents, leading the Incident Response team through containment, eradication, and recovery. Hunting : Establish regular threat‐hunting cadences to identify dormant or sophisticated actors within the environment. Stay abreast, and keep up with ...

SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop … correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. ...

performance testing for all components æ Ensure solutions are reliable, reproducible and stable across releases æ Support continuous improvement of testing practices Monitoring and Incident Response æ Implement observability and monitoring tooling æ Track system performance and detect anomalies æ Support incident response, troubleshooting and root ...

security solutions appropriate to the business needs. Support the definition, execution and continuous improvement of key cyber security processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography. Assist with developing and maintaining security policies, processes and incident response management plans and playbooks. Prepare and document standard operating procedures and protocols. Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc. Contribute as a team member in projects and change initiatives aimed ...

your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

/7 SOC services across multiple platforms and projects. You will lead and support a small team of analysts, oversee security monitoring and incident response, and contribute to the development of security controls, processes and governance. You will work closely with senior stakeholders to produce security reporting, support … technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability ...

architecture, secure development lifecycle practices and appropriate technical controls Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security Work closely with stakeholders at all levels of the organisation, including operational teams … Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation Lead response to significant information security incidents, acting as a senior decision‐maker during crisis situations and driving post‐incident learning and improvement Build ...

using Linux, containers and modern automation and CI/CD tooling to improve reliability, performance and security. The position combines hands-on engineering, incident response and continuous improvement of the platform and its supporting infrastructure. Responsibilities Design, implement and support scalable, resilient cloud-based solutions … part of a collaborative engineering team. Contribute to the design and implementation of observability and resilience practices to improve system reliability. Participate in incident response, troubleshooting and root cause analysis to enhance system stability and prevent recurrence. Work with CI/CD pipelines (e.g. GitLab CI or GitHub ...

service model for critical data engineering pipelines, aligned to project requirements. Establish clear service constructs, including: Support coverage models (core hours, escalation) Incident, problem, and change processes Release and maintenance windows Ensure service definitions are fit for current pipeline complexity , not aspirational future platforms. 2. Service Readiness & Operational Assurance … deprioritised Contribute to operational continuity planning for high‐risk services. 4. Operational Playbooks & Knowledge Enablement Define standards and structure for: Operational playbooks Incident response procedures Escalation paths Ensure playbooks are: Pipeline-specific Actionable by support teams Validated with technical SMEs Support completion and validation of knowledge transfer activities ...

maintain Huel’s information security strategy, aligned with business priorities, technology risks, and growth plans. Oversee core security capabilities, including threat detection, vulnerability management, incident response, access controls, and continuous improvement. Partner with Engineering, Data, and IT Operations to embed security across the full lifecycle of applications, systems … Strong knowledge of frameworks, standards, and regulations such as NIST, Cyber Essentials, and GDPR Experience building or maturing capabilities across risk management, incident response, vulnerability management, governance, and awareness Experience working with third-party security providers across services such as penetration testing, Managed Detection and Response ...

recovery aligned to RTO/RPO Manage identity and access management controls Implement monitoring and alerting using Azure Monitor and Log Analytics Support incident response, recovery and release readiness Collaborate with engineering leads, security teams and partners Profile A successful DevSecOps should have: Problem-solving skills … hands-on experience with ARM and Bicep CI/CD pipeline security in Azure DevOps DevSecOps framework design experience Vulnerability management and remediation delivery Incident response, backup and recovery experience Strong scripting skills (PowerShell, Python) Excellent communication and stakeholder influencing skills Self-starter with strong problem-solving mindset ...

maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

maintain threat actor profiles, campaigns, TTP assessments and intelligence reports for a range of diverse audiences. Key accountabilities include: Provide intelligence inputs into incident response, including threat enrichment, contextual analysis and post incident reporting. Translate technical intelligence into clear, actionable guidance for Security, IT, OT and leadership … able to demonstrate the following: Previous experience producing or analysing cyber threat intelligence in a security or enterprise environment. Experienced in contributing to incident response via threat enrichment or analysis. Demonstrable experience of hands-on use of CTI/OSINT tools and creating intelligence products for varied audiences. ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

global Security Operations Centre (SOC) performance, driving operational metrics, service quality, and continuous improvement Lead the execution and coordination of major cyber incident response activities under pressure Establish robust operational governance, reporting, audit readiness, and control assurance globally. Manage accountability and performance for third-party SOC and Managed … Detection and Response (MDR) providers Mentor and develop senior managers, supporting capability growth and succession planning within the function Essential Skills & Experience Extensive, hands-on experience leading large-scale cyber security operations, including SOC and Incident Response Demonstrated ability to manage and respond to significant, complex cyber ...

formal dotted‐line accountability, without centralising day‐to‐day operations.*Cyber security oversight** Own the enterprise cyber risk posture, ensuring cyber capabilities, controls and response are appropriate to business and threat context.* Set expectations for cyber resilience, incident response and recovery, working in partnership with Technology leadership. … defence, critical infrastructure, maritime or highly regulated industries.* Familiarity with ISO 27001 and related security and risk frameworks.* Experience working with cyber insurance, incident response and crisis management at executive level.**Salary for this position:** Up to £170,000 per annum**Salary**: The salary varies for this position ...

controlled environment. The Role You'll be responsible for the day-to-day operation and improvement of a central Azure cloud platform, covering monitoring, incident response, automation, and platform reliability. Senior hires will also play a key role in mentoring others and driving improvements across the platform. What … Azure (IaaS/PaaS) Terraform for Infrastructure as Code Kubernetes and containerised platforms CI/CD using GitHub Actions or similar Monitoring, alerting, and incident response tooling L2/L3 on-call support within a 24/7 rota What they're looking for Experience supporting cloud platforms ...

leadership for the delivery and continuous improvement of NRW's telemetry services. These services underpin NRW's ability to deliver critical flood risk management, incident response, and water resource management services. You will act as NRW's senior technical authority for telemetry systems, with end-to-end responsibility … purpose. Your expertise will directly support evidence-based decision-making, enabling effective routine operations and providing trusted data and system performance during incident and emergency response. As an organisation we support flexible working. You will be contracted to the nearest NRW office to your home and a suitable hybrid ...

aligned with industry best practices. The successful candidate will work closely with security operations, infrastructure, and application teams to ensure tooling supports threat detection, incident response, and compliance requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain … performance and ensure data quality, coverage, and alerting accuracy. Collaborate with internal teams to ensure tools are aligned with business and security objectives. Support incident response activities by ensuring tooling provides actionable insights and forensic data. Document configurations, procedures, and tool usage guidelines. Participate in tool evaluations ...

monitoring solutions into OT networks, alongside the rollout of hardened security baselines. You'll work closely with SOC, security architecture and incident response teams to integrate solutions into a centralised SIEM/SOC capability and fine-tune detection and response.This is a highly technical, electrofocusing role offering real … security technologies (EDR, ITDR, NDR, ICS monitoring) Integrate OT security tooling with a central SOC/SIEM environment (including alerting, detection and response tuning) Take a threat led approach to security configuration, aligned to MITRE ATT&CK, Cyber Kill Chain and relevant threat intelligence Roll out endpoint ...

operations, and external security partners, you'll design and implement robust security controls while continuously improving resilience and reliability. You'll take ownership of incident response activities, proactively monitor threats, and drive improvements across vulnerability management and security tooling. Alongside day-to-day operational security, you'll contribute … firewalls, SIEM platforms, endpoint protection, and vulnerability management tools Experience securing both cloud-based and on-premise environments A solid background in security incident response and investigation Experience working with third-party security vendors or managed service providers The ability to communicate technical security concepts clearly ...

operations. Ensure availability and performance of core banking systems, payment gateways, and all customer-facing digital platforms. Lead IT change, systems upgrades, incident response, and technology risk management. Govern system access controls, IT policies, and disaster recovery processes. Oversee cybersecurity strategy, controls, testing (including penetration testing), and ongoing … monitoring. Ensure compliance with FCA/PRA cyber requirements, NCSC guidance, and GDPR. Own the incident response plan for cyber events and support regulatory notifications if required. Oversee payment processing (Faster Payments, CHAPS, BACS, card payments, etc.). Ensure reconciliations, settlements, and exceptions management are timely and accurate. ...

maturity toward CTEM, and strengthen our Exposure Management model. You'll ensure alignment with security policies, standards and regulatory requirements, while maintaining and enhancing incident response plans, documentation, risk assessments and remediation records. You'll also play an active role in training and awareness to promote strong security … hygiene across the organisation. To succeed, you'll bring relevant experience in vulnerability management, risk analysis and incident response, supported by certifications such as CISSP or CISM, plus a degree or equivalent experience in Information Security, Computer Science or a related field. If you're excited by transforming ...

Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast-growing cyber security and IT roles. … security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills ...